Vulnerability Details CVE-2025-12871
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-12871
-
cpe:2.3:a:aenrich:a+hrd:5.0
-
cpe:2.3:a:aenrich:a+hrd:5.3
-
cpe:2.3:a:aenrich:a+hrd:5.4
-
cpe:2.3:a:aenrich:a+hrd:5.4.1125v112
-
cpe:2.3:a:aenrich:a+hrd:5.5
-
cpe:2.3:a:aenrich:a+hrd:5.5.1098v156
-
cpe:2.3:a:aenrich:a+hrd:5.6
-
cpe:2.3:a:aenrich:a+hrd:5.6.1067v110
-
cpe:2.3:a:aenrich:a+hrd:6.0
-
cpe:2.3:a:aenrich:a+hrd:6.1
-
cpe:2.3:a:aenrich:a+hrd:6.2
-
cpe:2.3:a:aenrich:a+hrd:6.3
-
cpe:2.3:a:aenrich:a+hrd:6.4
-
cpe:2.3:a:aenrich:a+hrd:6.5
-
cpe:2.3:a:aenrich:a+hrd:6.6
-
cpe:2.3:a:aenrich:a+hrd:6.7
-
cpe:2.3:a:aenrich:a+hrd:6.8
-
cpe:2.3:a:aenrich:a+hrd:6.8.1039v844
-
cpe:2.3:a:aenrich:a+hrd:6.8.1039v920
-
cpe:2.3:a:aenrich:a+hrd:7.0
-
cpe:2.3:a:aenrich:a+hrd:7.1
-
cpe:2.3:a:aenrich:a+hrd:7.2
-
cpe:2.3:a:aenrich:a+hrd:7.4
-
cpe:2.3:a:aenrich:a+hrd:7.5